Back to all blog posts

The new cookie monsters on the block

By Asaf Shamly | January 28, 2021

Cookies are a double-edged sword. The small text file helps servers identify you and serve as a useful tool that has become a fundamental part of browsing the web. On the other hand, cookies are bad-mouthed due to privacy concerns. In reality, cookies in themselves pose no real threat to user privacy. The potential problem is with the data that companies store, which the cookie links you to.

If users knew cookies were secure, used fairly and lawfully, and not kept for excessive amounts of time, most concerns would disappear overnight. However, any request for ‘Reasonable Use’ is open to interpretation, and many companies will push the limits to try and gain a competitive advantage.

Being easily identified is great when you are logging in to a website, doing some online shopping, or for remembering your preferences. But more contemporary websites can also use them to track your usage and deliver targeted ads. The tracking aspect is the main area of concern and has even led to the European Union creating legislation that requires all sites to ask for permission to use cookies. The goal is for users to be aware the website is storing some of their basic information.

Cookies are often encoded using secure socket layers (SSL), so they are secure from outside threats. However, the evolution of cookie-based ad tracking causes some controversy. There are currently a couple of standardized digital user IDs that are evolving in order to tackle these cookie-related privacy concerns.

The standardized ID would be stored as a conventional cookie. This anonymous user token would contain a timestamp of when user consent was given. This would result in a dramatic reduction in third-party requests, creating a better user experience, and better audience recognition.

AppNexus-led people-based ID consortium

AppNexus-led people-based ID consortium is a way of trying to add identity resolution to help marketers deliver more relevant content and enhance the user experience. The consortium is made up of several companies: AppNexus, LiveRamp, Index Exchange, LiveIntent, MediaMath and Rocket Fuel.

Publishers utilizing programmatic media buying outside of the Facebook and Google universes would use the standard identifier, known as the consortium ID, which would increase the efficiency of their media investment. The overall aim is to enable targeted advertising in a manner that’s comparable to Facebook and Google but in a privacy-conscious way.


DigiTrust is a non-profit organization undertaking an industry-wide collaboration. Their aim is to produce technological solutions that improve the digital experience for everyone, including consumers, publishers, advertisers, and third parties.

The first hurdle DigiTrust is tackling is to overcome the high volume of third-party requests currently associated with web pages. Their solution is to share an anonymous user token between its members, rather than using the billions of proprietary tokens.

The DigiTrust standardized ID would use a publisher’s first-party cookie, as some mobile and desktop browsers block third-party cookies. Just as the European regulation requires an acknowledgment of the use of cookies by the user, the standardized ID will load an opt-in box. This opt-in feature helps publishers automatically conform to the European regulation, while potentially providing better revenue and an improved user experience, making it popular amongst UK based publishers.

Such a common identifier will close the gap to Google and Facebook, who always have a complete match with their users.

The benefits of a standardized user token

There are many arguments for adopting standardized user tokens. Some benefit the user, some the advertisers.

No corporate monopoly
Both the AppNexus-led people-based ID consortium and DigiTrust provide non-profit solutions. This ensures objectivity and prevents the big data players from taking over. There will be a membership fee for proprietary ad tech platforms, which will provide consent and access to the standardized token, and cover costs.

A level playing field
Currently, Google and Facebook enjoy a 100% match with nearly every user, while smaller publishers suffer massive data deficiencies. A standardized ID would provide smaller publishers with the same 100% audience recognition that Google and Facebook enjoy. Hence, it will lead to an increase in competition and increased spend with independent publishers. It cannot be manipulated by any single company, so the same benefits are accessible to everyone.

Reduced risk and increased regulatory compliance
Stricter regulations and the introduction of new e-privacy laws make a standardized ID a welcome addition to companies trading in Europe. A standardized ID will make it easier for these businesses to be compliant with European data protection (GDPR) and privacy regulations.

Higher returns
The current data deficiencies mean a reduction in revenue of over 50% for independent publishers. A standardized ID will increase the recognition rate to near 100%, increasing the publisher’s yield, while driving up advertising spend.

It’s good for the masses
Third-party trackers and cookies slow down the user experience. The majority of these trackers were created for ID recognition. A standardized ID makes third-party trackers redundant. Eliminating third-party trackers will make pages load faster, and provide an overall better user experience. A recent ICO study states the average website, on your first visit, places 34 (the UK had the highest average, with 44) cookies on the device you are browsing on. Nearly three-quarters of these cookies belong to third parties.

Cookies sit on your device for a predetermined length of time. Some expire as soon as you stop browsing; others hang around for a couple of years. However, their expiration date can be set for anytime, and in the above ICO study, some were set to expire in 8,000 years.

The Browsi take: Should a standardized ID be adopted?

At Browsi, we believe publishers can greatly benefit from adopting a standardized ID. It allows them to substantially reduce the number of third-party requests for data, enables significantly greater audience recognition, and provides their visitors with a better web experience. Third-party partner integration will become more secure and effective, and regulatory pressure can be alleviated or partially mitigated in some regions. Ultimately, the success of standardized IDs will be driven by the reduction in data leakage and increased revenues, both will be driven by the far more effective audience recognition.

Latest Articles